What is the CVSS score of CVE-2025-50641?

CVE-2025-50641 has a CVSS 3.1 base score of 6.5 (Medium). CVSS vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N. EPSS exploitation probability: 0.1%.

Which versions of Tenda are affected by CVE-2025-50641?

Organizations using Tenda AC6 15.03.05.16_multi should be aware of notable risk from CVE-2025-50641, a buffer overflow vulnerability rated CVSS 6.5.

Is there a public PoC exploit available for CVE-2025-50641?

Yes, a public proof-of-concept exploit is available for CVE-2025-50641. Prioritise patching immediately. EPSS: 0.1%.

How to fix or mitigate CVE-2025-50641?

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.

Tenda CVE-2025-50641

EUVD-2025-19651 MEDIUM

Classic Buffer Overflow (CWE-120)

2025-07-01 cve@mitre.org

Buffer Overflow Tenda

6.5

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

6.5 MEDIUM

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

Low

Availability

None

Lifecycle Timeline

PoC Detected

Apr 08, 2026 - 19:24 vuln.today

Public exploit code

EUVD ID Assigned

Mar 16, 2026 - 01:42 euvd

EUVD-2025-19651

CVE Published

Jul 01, 2025 - 16:15 nvd

MEDIUM 6.5

DescriptionCVE.org

Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the addWifiMacFilter function via the parameter deviceId.

Analysis

Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the addWifiMacFilter function via the parameter deviceId.

More from same product – last 7 days

CVE-2026-38065 CRITICAL Act Now

9.8 Jun 15

Tenda 5G03 V05.03.02.04 (Version 1.0) is vulnerable to Command injection in the function action_ims_on_with_apn via the

CVE-2026-38060 CRITICAL Act Now

9.8 Jun 15

Tenda 5G03 V05.03.02.04 (Version 1.0) is vulnerable to Command injection in the function action_unlock_sim via the pin p

CVE-2026-38061 CRITICAL Act Now

9.8 Jun 15

Tenda 5G03 V05.03.02.04 (Version 1.0) is vulnerable to Command injection in the function action_set_volume via the volum

CVE-2026-38062 CRITICAL Act Now

9.8 Jun 15

Tenda 5G03 V05.03.02.04 (Version 1.0) is vulnerable to Command injection in the function action_set_rat_mode via the rat

CVE-2026-38063 CRITICAL Act Now

9.8 Jun 15

Tenda 5G03 V05.03.02.04 (Version 1.0) is vulnerable to Command injection in the function action_radio_on_with_ia_apn via

CVE-2025-50641 vulnerability details – vuln.today

Back

Tenda CVE-2025-50641

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

Analysis

More from same product – last 7 days

Share

External POC / Exploit Code